Last year several reports revealed that privileged users were the riskiest in organizations. Researchers have now established yet another troublesome tendency – an increase of employees turning into insider traders. Apparently, dark web marketplaces have seen an abundance of insiders offering help, information or access to their companies’ networks. Of course, all of this is done for money.
Related: Privileged Users Are the Riskiest in an Organization, Security Survey Says
Insider threats have doubled from 2015 to 2016
Researchers from InSights and RedOwl have been analyzing posts on several dark web forums. They found out that discussions and insider outreach almost doubled from 2015 to 2016:
The dark web has created a market for employees to easily monetize insider access. Currently, the dark web serves as a vehicle insiders use to ‘cash out’ on their services through insider trading and payment for stolen credit cards.
The researchers were able to sneak into several of those forums, such as the Insider Trading KickAss marketplace. The latter is a subforum, active for almost a year. There’s a membership fee of 1 BTC, and the admins are very picky about new members. Membership require the newcomer to prove their capabilities and/or access to the specific data by sharing real inside information. The information is then submitted to thorough checks and confirmation, as explained by the researchers.
The forum appears relatively active with approximately five posts per week and a total of 40 BTC in transactions (approximately $35,800). According to the group’s manager, there are members who make more than $5,000 USD a month using the leaked information.
Besides valuable inside information, dark web forum admins are also looking for chain store cashiers that could assist them in buying iPhones with stolen credit cards. Logically, the cashiers are rewarded for not flagging the transaction as potentially fraudulent. Other criminal demands include outreaching other store employees for acquiring customers’ payment card details.
Related: Display Name Spoofs Most Popular in Corporate Spear Phishing
Another example illustrates fraudsters contacting a bank employee to help them plant malware onto the bank’s network. This would grant criminals continuous access to systems that deal with transfers.
What should organizations do to minimize the risk of corporate insider threats?
Organizations should prioritize internal discipline. Consistent corporate security policies should first be carefully created, and then maintained thoroughly. Employees should be trained to care about security and privacy. Of course, there should be strict penalties corresponding to illegal behavior on behalf of employees.
There should also be proper technology and security teams that should constantly be on the lookout for suspicious employee activities, researchers conclude.
Milena Dimitrova
An inspired writer and content manager who has been with SensorsTechForum since the project started. A professional with 10+ years of experience in creating engaging content. Focused on user privacy and malware development, she strongly believes in a world where cybersecurity plays a central role. If common sense makes no sense, she will be there to take notes. Those notes may later turn into articles! Follow Milena @Milenyim
Follow Me: